package com.wideplay.crosstalk.services;

import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.Singleton;
import com.wideplay.crosstalk.web.User;
import net.jcip.annotations.ThreadSafe;

/**
 * Checks if a user is authenticated in the current session. 
 *
 * @author Dhanji R. Prasanna (dhanji@gmail.com)
 */
@ThreadSafe @Singleton 
class HttpSessionAuthenticationManager implements AuthenticationManager {

    private volatile Provider<User> user;

    //we must use setter injection, since this
    //object is created outside the injector's control. 
    @Inject
    void setUser(Provider<User> user) {
        this.user = user;
    }

    public boolean isLoggedIn() {
        //checks if there is a valid user bound to the current HTTP session
        return null != user.get().getUsername();
    }
}
